diff --git a/docs/simplesamlphp-changelog.md b/docs/simplesamlphp-changelog.md
index 8e1c96b0d49627c597c74c75719d41d0ec53251d..a89fe7870b52c33af1db890d119edb09dc017845 100644
--- a/docs/simplesamlphp-changelog.md
+++ b/docs/simplesamlphp-changelog.md
@@ -311,6 +311,9 @@ Released 2017-11-20
   * Make sure we log the user out before reauthenticating.
   * More robust handling of IDPList support in proxy mode.
   * Increased `_authSource` field length in Logout Store.
+  * We now send the eduPersonTargetedID attribute in the correct
+    NameID XML form, instead of the incorrect simple string. We will also
+    refuse to parse an assertion with an eduPersonTargetedID in 'string' format.
 
 ### `smartattributes`
   * Fix SmartName authproc that failed to load.
diff --git a/docs/simplesamlphp-upgrade-notes-1.15.md b/docs/simplesamlphp-upgrade-notes-1.15.md
index a4ffd2483d3c320b80ac1e00607b8c154b033cda..f540193fb4e3891b0ab1d67bfaf1d4418590ee99 100644
--- a/docs/simplesamlphp-upgrade-notes-1.15.md
+++ b/docs/simplesamlphp-upgrade-notes-1.15.md
@@ -26,3 +26,7 @@ full certificate in `certData` instead.
 
 The `core:AttributeRealm` authproc filter has been deprecated.
 Please use `core:ScopeFromAttribute`, which is a generalised version of this.
+
+simpleSAMLphp will now send the eduPersonTargetedID attribute in the correct
+NameID XML form, instead of the incorrect simple string. It will also refuse
+to parse an assertion with an eduPersonTargetedID in 'string' format.